Keeping Secrets in Code

The problem of keeping secrets (usernames, passwords, API keys, etc.) in code that you write is a pretty old problem. For a long time I haven’t had a solution that I liked, especially when I am putting code up on GitHub.

Until now. I am putting things like that in a “secrets” file, or in environment variables, which are easy to access from your code, but don’t show up in your code repository. Here’s an example in Python of keeping a “secrets” file that the script can access, and then yoinking its contents into a dictionary for easy reference:

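import os

def getSecrets():
  # The path to the secrets file comes from the SECRETFILE environment
  # variable, so neither the path nor the secrets live in the repository.
  SECRETFILE = os.environ["SECRETFILE"]
  with open(SECRETFILE, "r") as scrts:
    # Each line is "name=====value": split on the first separator only
    # and skip blank lines, which would otherwise raise ValueError.
    return dict(line.strip().split("=====", 1) for line in scrts if line.strip())

secrets = getSecrets()

api_url = secrets["Test API URL"]
api_key = secrets["Test API Key"]

""" The file itself would look like this:

API Key=====zEV}pF_vn4g35Ye:
API URL=====https://example.com
..."""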
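
A hardened variant of the loader above, as an added example that is not part of the original post: it refuses a secrets file that group or other users can access, reports malformed lines by number without echoing their content, and lets an environment variable override a file entry. The load_secrets and demo names, the # comment lines, the TEST_API_KEY-style variable naming and the sample values are assumptions made for this example.

```python
import os
import stat
import tempfile

SEP = "====="  # separator used by the secrets file format above

def load_secrets(path, environ=None):
    """Parse a name=====value secrets file, refusing unsafe files and bad lines."""
    environ = os.environ if environ is None else environ
    mode = os.stat(path).st_mode
    # Refuse a file that group or other users can read or write (POSIX modes).
    if os.name == "posix" and mode & (stat.S_IRWXG | stat.S_IRWXO):
        raise PermissionError(f"{path}: mode {stat.S_IMODE(mode):o}, expected 600")
    secrets = {}
    with open(path, "r", encoding="utf-8") as fh:
        for lineno, raw in enumerate(fh, start=1):
            line = raw.rstrip("\r\n")
            if not line.strip() or line.lstrip().startswith("#"):
                continue  # blank line or comment (comments are an assumption)
            name, sep, value = line.partition(SEP)
            if not sep or not name.strip():
                # Report the line number only, never the line's content.
                raise ValueError(f"{path}:{lineno}: expected name{SEP}value")
            secrets[name.strip()] = value
    # An environment variable overrides the file: "Test API Key" -> TEST_API_KEY
    for name in secrets:
        env_name = name.upper().replace(" ", "_")
        if env_name in environ:
            secrets[name] = environ[env_name]
    return secrets

def demo():
    """Run the loader over a constructed secrets file (sample values are made up)."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "secrets.txt")
        with open(path, "w", encoding="utf-8") as fh:
            fh.write("Test API Key=====not-a-real-key=====with-separator\n\n"
                     "Test API URL=====https://example.com\n")
        os.chmod(path, 0o600)
        loaded = load_secrets(path, environ={"TEST_API_URL": "https://staging.example.com"})
        os.chmod(path, 0o644)  # simulate a secrets file left world-readable
        try:
            load_secrets(path, environ={})
            refused = False
        except PermissionError:
            refused = True
        return loaded, refused

if __name__ == "__main__":
    print(demo())
```

The permission check only applies on POSIX systems; on Windows the file's ACL has to be restricted separately.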